package com.lfl.filter;

import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.util.*;

/**
 * @program: JavaEE-EFD
 * @description:
 * @author: fengjd
 * @create: 2022-07-28 13:34
 **/
public class MyFilter implements Filter {

    private List<String> actionName;

    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        if (actionName == null) {
            actionName = new ArrayList<String>();
        }
        actionName.add("loginPage.action");
        actionName.add("login.action");
        actionName.add("loginOut.action");
    }

    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse response, FilterChain chain) throws IOException, ServletException {

        /* 校验 request的uri是不是包含 白名单,是放行,不是,校验session中是否有登录的证明,没有跳转至登录页面, 如果已经登录,判断有无要访问页面的权限 */
        HttpServletRequest req = (HttpServletRequest) servletRequest;
        HttpServletResponse resp = (HttpServletResponse) response;

        //通过拦截器设置编码
        req.setCharacterEncoding("UTF-8");
        resp.setCharacterEncoding("UTF-8");
        resp.setContentType("text/html;charset=UTF-8");


        //获取当前进入拦截器的请求，与集合中的元素对比,如果当前请求存在集合中，则直接放过
//		String url = req.getRequestURL().toString();
        String uri = req.getRequestURI();


        String nowAction = uri.substring(uri.lastIndexOf("/") + 1);
        for (String actionStr : actionName) {
            if (nowAction.equals(actionStr)) {
                chain.doFilter(req, resp);
                return;
            }
        }


        //获取session中的登录用户,判断该用户是否经过登录的流程
        HttpSession session = req.getSession();
        Object obj = session.getAttribute("loginManager");
        if (obj == null) {//没经过登录流程
            System.out.println("该用户没有登录！");
            req.getRequestDispatcher("WEB-INF/page/login.jsp").forward(req, resp);
            return;
        }

        //心跳请求不需要权限验证
        if (uri.contains("heart.action")) {
            //放过请求
            chain.doFilter(req, resp);
            return;
        }


        //权限验证
        uri = uri.replaceAll(req.getServletPath(), "");
        boolean isURLFunc = false;
        Map<String, Map<String, String>> qxMap = (Map<String, Map<String, String>>) session.getAttribute("modelMap");
        Collection<Map<String, String>> coll = qxMap.values();
        Iterator<Map<String, String>> it = coll.iterator();
        while (it.hasNext()) {
            Map<String, String> funcURLMap = it.next();
            if (funcURLMap.get(uri) != null) {
                isURLFunc = true;
                break;
            } else {
                isURLFunc = false;
            }
        }
        if (!isURLFunc) {//没有权限
            req.getRequestDispatcher("WEB-INF/page/error.jsp").forward(req, resp);
            return;
        }


        //放过请求
        chain.doFilter(req, resp);

    }

    @Override
    public void destroy() {

    }
}
